Published on May 8th, 20140
Before You Be Snapping and Chatting, Remember This
Such was the promise of Snapchat, a popular app that allows users to designate a period of time (ten seconds or less) that a recipient can view a photo or video message before it would vanish into thin air. Forever.
People liked the idea; in fact, they loved the idea. Within two years of its mobile app launch, Snapchat users were transmitting more than 350 million snaps daily.
But there was a major problem. The workaround. The FTC, in a complaint against the California-based Snapchat Inc. settled Thursday, said several methods exist by which recipients of Snapchats can save them, allowing them to live on, indefinitely, and possibly come back to bite the sender (when say, the sender is running for mayor, governor or president.)
Snapchat knew about some of these methods, the FTC said. And some are incredibly simple, such as taking a screenshot of the Snapchat message. Snapchat did indeed acknowledge this method, promising it would alert a user if a recipient did this. (The sender would then, apparently, have to ask the receiver to delete it –if they didn’t want the image to come back and bite them when, say, they were running for mayor, governor or president — and hope they did.)
But users could easily circumvent Snapchat’s screenshot detection mechanism. This is because, yes, there was a work around. Receivers – apparently smarter than Snapchat’s programmers would have imaged –could hit their “home” buttons in rapid succession on their mobile devices and save the images without the senders being notified.
Besides that sticky issue of disappearing images that didn’t really disappear forever, Snapchat also made other promises it didn’t keep, including deceiving customers over the amount of personal data it collected and the security measures taken to protect the data, the FTC alleged.
The complaint also alleged that the company:
- Misleadingly promised that it did not ask for, track or access users’ location specific information when it had in fact integrated an analytics tracking service in the Android version.
- Collected information (without informing users until September 2012) on all the contacts in a user’s mobile device address book when the user chose to allow Snapchat to “Find Friends.”
- Promised that it was “dedicated to securing customer data” and “takes reasonable steps to help protect your personal information,” such as verifying that users’ mobile phone numbers were in fact their phone numbers and not someone elses, when it didn’t. In fact, numerous consumers complained that they had sent snaps to accounts under the belief that they were communicating with a friend, when in fact, they were not, resulting in the unintentional disclosure of photos containing personal information. In addition, consumers complained that accounts associated with their phone numbers had been used to send inappropriate or offensive snaps. Also, as a result of security failings, attackers were able to use multiple accounts to send millions of “Find Friends” requests and obtain users’ names and mobile phone numbers.
As part of the settlement, Snapchat agreed to implement a privacy program that will be monitored by an independent privacy expert for the next 20 years.
The takeaway? Snapchats aren’t as ephemeral as users hoped. The only thing that’s really ephemeral these days is online privacy.